Samba AD on CentOS7
This page describe Samba4 Active Directory installation on CentOS. The environment is composed of 2 DCs with replication, and one fileserver.
Enviroment
dc1.domain.com.br dc2.domain.com.br fileserver.domain.com.br
Installation
The installation is based on CentOS7 Minimal ISO, you should update the system, and install basic tools.
yum update yum install -y vim wget
Pre-Setup
This pre-setup can be done in all 3 servers, basically it will setup the Sernet Samba Repository and install samba from repo.
wget https://raw.githubusercontent.com/hflautert/lotus7/master/samba4/pre_install_samba4.sh chmod +x pre_install_samba4.sh ./pre_install_samba4.sh
DC1 Setup
First of all we need a domain, so lets provision it.
samba-tool domain provision --use-rfc2307 --interactive
DC2 Setup
Setup kerberos, you can use the as dc1.
scp root@dc1.domain.com.br:/etc/krb5.conf /etc/krb5.conf
Join as DC.
samba-tool domain join domain.com.br DC -Uadministrator --realm=domain.com.br
Fix DNS if it was not created automatically:
samba-tool dns add dc1 domain.com.br dc2 A <IP-OF-DC2> -Uadministrator
After couple minutes, we can see the replication:
samba-tool drs showrepl
Post Setup
This post setup will configure the services to startup and disable Selinux and Firewall, during my tests firewalld did not save the allowed ports, even with permanent flag, so I´v decided to disable to avoid problems.
wget https://raw.githubusercontent.com/hflautert/lotus7/master/samba4/post_install_samba4.sh chmod +x post_install_samba4.sh ./post_install_samba4.
Fileserver Setup
The pre-setup is the same, but we are not going provision neither join, the fileserver will be just a member of domain: